6 matches found
CVE-2008-3906
CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...
Mandriva Security Advisory MDVSA-2009:322 (mono)
The remote host is missing an update to mono announced via advisory MDVSA-2009:322. OpenVAS Vulnerability Test $Id: mdksa2009322.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:322 mono Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Ubuntu USN-826-1 (mono)
The remote host is missing an update to mono announced via advisory USN-826-1. OpenVAS Vulnerability Test $Id: ubuntu8261.nasl 8616 2018-02-01 08:24:13Z cfischer $ $Id: ubuntu8261.nasl 8616 2018-02-01 08:24:13Z cfischer $ Description: Auto-generated from advisory USN-826-1 mono Authors: Thomas...
USN-826-1: Mono vulnerabilities
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...
CVE-2008-3906
CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...
CVE-2008-3906
CVE-2008-3906 is a CRLF injection vulnerability in Mono’s Sys.Web (versions 2.0 and earlier) that enables remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the query string. Multiple advisories (Mandriva MDVSA-2008:210-1, Ubuntu USN-826-1,...